Week 52 in Review – 2009

Week 52 in Review – 2009

Tools:

fimap v0.7A Released – security-database.com
Tool for determining local and remote file inclusion bugs in webapps updated with show-my-ip, experimental HTTP proxy support and experimental blindmode, among others.

Mr-T smbenum and Firefox userprefs – ha.ckers.org
An update to the Master Recon Tool was released to include both the default Firefox preferences and the smbenum of Internet Explorer.

WinScanX – windowsaudit.com
WinScanX is a Windows auditing tool designed to help you get your Windows audit done quickly. It’s easy to use and no installation is required.

Metasploit Framework 3.3.3 Exploit Rankings – metasploit.com
This release focuses on exploit rankings, session automation, and bug fixes. Rankings can be used to prevent exploits below a certain rank from being used and limit the impact to a particular target.

Another TXT Attack – theinvisiblethings.blogspot.com
This attack exploits an implementation flaw in a SINIT AC module and allows for full TXT circumvention using a software-only attack.

Facebook clickjacking attack spreads – net-security.org
A new attack redirects users from a comment to a fake Turing test so that the same comment appears in friends pages. The goal seems to increase views of a certain Youtube video.

Intel Patches Flaw In Trusted Execution Tech – slashdot.org
Intel has released a patch for the affected chipsets with flaws in Intel’s Trusted Execution Technology (TXT), whose function is to provide a mechanism for safe loading of system software and to protect sensitive files.

Leave A Comment

About Us

Infosec Events is dedicated to the growing information security industry. We strive to provide useful information and resources to those in the industry. Don't hesitate to contact us should you need anything.